| [98] | 1 | package soju
|
|---|
| [1] | 2 |
|
|---|
| 3 | import (
|
|---|
| 4 | "fmt"
|
|---|
| [37] | 5 | "log"
|
|---|
| [1] | 6 | "net"
|
|---|
| [323] | 7 | "net/http"
|
|---|
| [24] | 8 | "sync"
|
|---|
| [323] | 9 | "sync/atomic"
|
|---|
| [67] | 10 | "time"
|
|---|
| [1] | 11 |
|
|---|
| 12 | "gopkg.in/irc.v3"
|
|---|
| [323] | 13 | "nhooyr.io/websocket"
|
|---|
| [370] | 14 |
|
|---|
| 15 | "git.sr.ht/~emersion/soju/config"
|
|---|
| [1] | 16 | )
|
|---|
| 17 |
|
|---|
| [67] | 18 | // TODO: make configurable
|
|---|
| [71] | 19 | var retryConnectMinDelay = time.Minute
|
|---|
| [206] | 20 | var connectTimeout = 15 * time.Second
|
|---|
| [205] | 21 | var writeTimeout = 10 * time.Second
|
|---|
| [67] | 22 |
|
|---|
| [9] | 23 | type Logger interface {
|
|---|
| 24 | Print(v ...interface{})
|
|---|
| 25 | Printf(format string, v ...interface{})
|
|---|
| 26 | }
|
|---|
| 27 |
|
|---|
| [21] | 28 | type prefixLogger struct {
|
|---|
| 29 | logger Logger
|
|---|
| 30 | prefix string
|
|---|
| 31 | }
|
|---|
| 32 |
|
|---|
| 33 | var _ Logger = (*prefixLogger)(nil)
|
|---|
| 34 |
|
|---|
| 35 | func (l *prefixLogger) Print(v ...interface{}) {
|
|---|
| 36 | v = append([]interface{}{l.prefix}, v...)
|
|---|
| 37 | l.logger.Print(v...)
|
|---|
| 38 | }
|
|---|
| 39 |
|
|---|
| 40 | func (l *prefixLogger) Printf(format string, v ...interface{}) {
|
|---|
| 41 | v = append([]interface{}{l.prefix}, v...)
|
|---|
| 42 | l.logger.Printf("%v"+format, v...)
|
|---|
| 43 | }
|
|---|
| 44 |
|
|---|
| [10] | 45 | type Server struct {
|
|---|
| [370] | 46 | Hostname string
|
|---|
| 47 | Logger Logger
|
|---|
| 48 | RingCap int
|
|---|
| 49 | HistoryLimit int
|
|---|
| 50 | LogPath string
|
|---|
| 51 | Debug bool
|
|---|
| 52 | HTTPOrigins []string
|
|---|
| 53 | AcceptProxyIPs config.IPSet
|
|---|
| [385] | 54 | Identd *Identd // can be nil
|
|---|
| [22] | 55 |
|
|---|
| [77] | 56 | db *DB
|
|---|
| 57 |
|
|---|
| [172] | 58 | lock sync.Mutex
|
|---|
| 59 | users map[string]*user
|
|---|
| [10] | 60 | }
|
|---|
| 61 |
|
|---|
| [77] | 62 | func NewServer(db *DB) *Server {
|
|---|
| [37] | 63 | return &Server{
|
|---|
| [319] | 64 | Logger: log.New(log.Writer(), "", log.LstdFlags),
|
|---|
| 65 | RingCap: 4096,
|
|---|
| 66 | HistoryLimit: 1000,
|
|---|
| 67 | users: make(map[string]*user),
|
|---|
| 68 | db: db,
|
|---|
| [37] | 69 | }
|
|---|
| 70 | }
|
|---|
| 71 |
|
|---|
| [5] | 72 | func (s *Server) prefix() *irc.Prefix {
|
|---|
| 73 | return &irc.Prefix{Name: s.Hostname}
|
|---|
| 74 | }
|
|---|
| 75 |
|
|---|
| [77] | 76 | func (s *Server) Run() error {
|
|---|
| 77 | users, err := s.db.ListUsers()
|
|---|
| 78 | if err != nil {
|
|---|
| 79 | return err
|
|---|
| 80 | }
|
|---|
| [71] | 81 |
|
|---|
| [77] | 82 | s.lock.Lock()
|
|---|
| [378] | 83 | for i := range users {
|
|---|
| 84 | s.addUserLocked(&users[i])
|
|---|
| [71] | 85 | }
|
|---|
| [37] | 86 | s.lock.Unlock()
|
|---|
| 87 |
|
|---|
| [77] | 88 | select {}
|
|---|
| [10] | 89 | }
|
|---|
| 90 |
|
|---|
| [329] | 91 | func (s *Server) createUser(user *User) (*user, error) {
|
|---|
| 92 | s.lock.Lock()
|
|---|
| 93 | defer s.lock.Unlock()
|
|---|
| 94 |
|
|---|
| 95 | if _, ok := s.users[user.Username]; ok {
|
|---|
| 96 | return nil, fmt.Errorf("user %q already exists", user.Username)
|
|---|
| 97 | }
|
|---|
| 98 |
|
|---|
| 99 | err := s.db.StoreUser(user)
|
|---|
| 100 | if err != nil {
|
|---|
| 101 | return nil, fmt.Errorf("could not create user in db: %v", err)
|
|---|
| 102 | }
|
|---|
| 103 |
|
|---|
| [378] | 104 | return s.addUserLocked(user), nil
|
|---|
| [329] | 105 | }
|
|---|
| 106 |
|
|---|
| [38] | 107 | func (s *Server) getUser(name string) *user {
|
|---|
| 108 | s.lock.Lock()
|
|---|
| 109 | u := s.users[name]
|
|---|
| 110 | s.lock.Unlock()
|
|---|
| 111 | return u
|
|---|
| 112 | }
|
|---|
| 113 |
|
|---|
| [378] | 114 | func (s *Server) addUserLocked(user *User) *user {
|
|---|
| 115 | s.Logger.Printf("starting bouncer for user %q", user.Username)
|
|---|
| 116 | u := newUser(s, user)
|
|---|
| 117 | s.users[u.Username] = u
|
|---|
| 118 |
|
|---|
| 119 | go func() {
|
|---|
| 120 | u.run()
|
|---|
| 121 |
|
|---|
| 122 | s.lock.Lock()
|
|---|
| 123 | delete(s.users, u.Username)
|
|---|
| 124 | s.lock.Unlock()
|
|---|
| 125 | }()
|
|---|
| 126 |
|
|---|
| 127 | return u
|
|---|
| 128 | }
|
|---|
| 129 |
|
|---|
| [323] | 130 | var lastDownstreamID uint64 = 0
|
|---|
| 131 |
|
|---|
| [347] | 132 | func (s *Server) handle(ic ircConn) {
|
|---|
| [323] | 133 | id := atomic.AddUint64(&lastDownstreamID, 1)
|
|---|
| [347] | 134 | dc := newDownstreamConn(s, ic, id)
|
|---|
| [323] | 135 | if err := dc.runUntilRegistered(); err != nil {
|
|---|
| 136 | dc.logger.Print(err)
|
|---|
| 137 | } else {
|
|---|
| 138 | dc.user.events <- eventDownstreamConnected{dc}
|
|---|
| 139 | if err := dc.readMessages(dc.user.events); err != nil {
|
|---|
| 140 | dc.logger.Print(err)
|
|---|
| 141 | }
|
|---|
| 142 | dc.user.events <- eventDownstreamDisconnected{dc}
|
|---|
| 143 | }
|
|---|
| 144 | dc.Close()
|
|---|
| 145 | }
|
|---|
| 146 |
|
|---|
| [3] | 147 | func (s *Server) Serve(ln net.Listener) error {
|
|---|
| [1] | 148 | for {
|
|---|
| [323] | 149 | conn, err := ln.Accept()
|
|---|
| [1] | 150 | if err != nil {
|
|---|
| 151 | return fmt.Errorf("failed to accept connection: %v", err)
|
|---|
| 152 | }
|
|---|
| 153 |
|
|---|
| [347] | 154 | go s.handle(newNetIRCConn(conn))
|
|---|
| [1] | 155 | }
|
|---|
| 156 | }
|
|---|
| [323] | 157 |
|
|---|
| 158 | func (s *Server) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|---|
| 159 | conn, err := websocket.Accept(w, req, &websocket.AcceptOptions{
|
|---|
| 160 | OriginPatterns: s.HTTPOrigins,
|
|---|
| [348] | 161 | Subprotocols: []string{"irc"},
|
|---|
| [323] | 162 | })
|
|---|
| 163 | if err != nil {
|
|---|
| 164 | s.Logger.Printf("failed to serve HTTP connection: %v", err)
|
|---|
| 165 | return
|
|---|
| 166 | }
|
|---|
| [345] | 167 |
|
|---|
| [370] | 168 | isProxy := false
|
|---|
| [345] | 169 | if host, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
|
|---|
| 170 | if ip := net.ParseIP(host); ip != nil {
|
|---|
| [370] | 171 | isProxy = s.AcceptProxyIPs.Contains(ip)
|
|---|
| [345] | 172 | }
|
|---|
| 173 | }
|
|---|
| 174 |
|
|---|
| [370] | 175 | // Only trust X-Forwarded-* header fields if this is a trusted proxy IP
|
|---|
| [345] | 176 | // to prevent users from spoofing the remote address
|
|---|
| [344] | 177 | remoteAddr := req.RemoteAddr
|
|---|
| 178 | forwardedHost := req.Header.Get("X-Forwarded-For")
|
|---|
| 179 | forwardedPort := req.Header.Get("X-Forwarded-Port")
|
|---|
| [370] | 180 | if isProxy && forwardedHost != "" && forwardedPort != "" {
|
|---|
| [344] | 181 | remoteAddr = net.JoinHostPort(forwardedHost, forwardedPort)
|
|---|
| 182 | }
|
|---|
| [345] | 183 |
|
|---|
| [347] | 184 | s.handle(newWebsocketIRCConn(conn, remoteAddr))
|
|---|
| [323] | 185 | }
|
|---|
